Posting security setups a bad idea?

Discussion in 'polls' started by Page42, Jul 19, 2011.

?

Is posting your security setup a bad idea?

  1. Yes, it is a bad idea (explain)

    16.0%
  2. No, it is not a bad idea (explain)

    73.0%
  3. Other

    11.0%
  1. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Someone asked recently if posting our security setups was really such a good idea?

    I think doing so is necessary in a forum wherein members are seeking help, and respondents can see at a glance what programs are running. And I also think that around Wilders, many of us wear our security signatures somewhat like a badge of honor. ;)

    It's fun to create such signatures, and to maintain them when changes are made. But are they giving away valuable info to potential attackers?

    Not all members have their setups in a signature. I'd like to know why?
    And for those of you who do list your setups, have you thought about the possible down side?
     
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I voted other.

    There would be a possible danger, if everyone in the planet (using Windows) started to post their security in security forums, and if cyber criminals were lurking around.

    Knowing what we use to protect ourselves sure spares them to the trouble of having to bypass every security software possible.

    If the large % of users use XYZ and not ABC, then why not focus on XYZ?

    Now, will you become a target just for providing your security setup here? We're talking about a few dozens (?) of people sharing their security setup.
     
  3. guest

    guest Guest

    I voted other because for some people, it's like an addiction.

    Anyways, it's fun and informative to read what people use.

    Sometimes I post as well, but I don't really keep any "updated" list of what I use.
     
  4. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    It's not a bad idea IMO people are going to use what they want anyways! ;) Let them attack if they can?

    TH
     
    Last edited: Jul 19, 2011
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Absolutley not,unless malware can read forum posts.:doubt:Hackers go for it. what pc is my security on,and it changes by the minute.
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I think that if someone were to (for whatever reason) target Wilders users than it would probably make it easier knowing what they've got to deal with. However, I don't think any of us are going to be targeted... but you really never know.
     
  7. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    The 'Other' category might turn out to be a safe haven for people who feel very strongly both ways. :)
    Or for people who don't feel very strongly either way.

    I'd really like to hear from the members who don't post their setups in a signature.
     
  8. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    Voted No. Here is my setup in this machine. Behind a router, that's it. No anti-anything installed.
     
  9. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You have two kinds of hackers - those who are actually hackers and those who just want to be hackers.

    If a true blue hacker wanted into your/my system, they might be able to find a way in, because they know what they are doing. But what does a true hacker really want in my system? Maybe the challenge, but not much else to get. Not true of everyones system, but the point is that you have to know which computer to hack to make it worth your while.

    The wannabe hacker, used to be known as names like "script kiddie" etc, they are a different story. Although they would gladly try to hack you, they lack the real skills needed. They lurk in forums and try to learn to become a hacker, but mostly they attempt to use tools to do thier hacking for them. A good router and some decent security in place, and most of these wannabe hackers will be kept out. I am sure some break through sometimes though. Don't believe this? It isn't hard to find forums dedicated to black/white hat topics, and it is easy to find all kinds of threads about noob hackers/crackers trying to "learn the ropes".

    The questions I would ask though are:

    1. if you post your security publicly, and you are using some decent tools, why would a hacker even want to attempt it when there are much easier victims a dime a dozen out on the net?

    2. do you (whomever you are ;) ) actually know how to go about hacking? Do you know how to pick a person out of a forum like this one, and actually know how to target them? Do you think it is just a matter of "oh, I think I will hack that persons computer"?

    Ultimately, it isn't hackers that try to break through my perimeter that I would worry about, but rather it is the hacker who dupes you into visiting a website or executing something. When users willingly/unknowningly allow a hole into thier system, the invite the easy hack. That is where personal threats come from IMO.

    Sul.
     
  10. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    I totally agree with sully. ;)
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    No, they won't find out my security practices, or the all the detailed settings. How will they find out our IP addresses anyways?

    Mine's too large to list in a signature.
    Yes, after you mentioned them.
     
  12. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    I voted "NO" for two basic reasons:
    - many users on this forum are advanced and very advanced...so at least evaluate their other users - those less advanced - and combos that are published, are often good or excellent example of "how to compose own"
    - even if these sets are too hard and make trouble...even if they are changed to other, all these experiences bring as a result positive effects - greater skills and knowledge of security problems.
     
  13. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    I've thought about this before too. But the main reason I don't list mine anymore is because it can make you come across as a fan boy, and unobjective when giving an assessment of something. Some people will hate you on and respond rudely simply because you have a rival product in your sig.

    And for some people, I think, their setup changes so often that updating their sigs accordingly would be a FT job.

    I think it can be very useful to list your OS though. This can allow some knowledgeable members to help you troubleshoot issues.
     
  14. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    No it's not a bad idea.

    FWIW,most setups that people show off here, are so rehashed over and over,I dont think people even realize this :argh: But if it makes you sleep better at night,go for it!

    I just think too many here,advertise their setups waaaay too much. Whats the point if you spend so much time here @ Wilders? Wilders doesnt have any malware,etc etc. Use the PC for what it was intended for! You surely dont need a secure setup to browse Wilders all the time.
     
  15. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I don't think its a bad idea.
    My signature gives Wilders a more colorful experience and i don't really think anyone here would target anyone of us LOL, as if we were so important, or am i wrong? :D
     
  16. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Voted...No it's not a bad idea!

    I voted No because I can't see any danger in posting our Sec setups! :)

    For example I know about a company that uses McAfee as their protection, is it bad for them that I know about that? :doubt:
    Or what is this question really about? :doubt: Lurking Hackers? :ninja:
     
  17. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    hehehehehe

    i Don't worry here at wilderssecurity is a safe Place

    all of the Trusted forum i don't worry

    Bleepingcomptuer , geekstogo

    if a man is very very paranoid he can keep a secret weapon in his setup ;)
     
  18. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    I voted other....Comme Ci, Comme Ça ;)
     
  19. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Like so many other questions, the answer depends on what you do with the internet. A lot of people use a common name in different forums so they're easy to recognize. Whgile there may be nothing about Wilders that would make an adversary target you based on what you post here, it's just one of many forums. If you use the same name on several forums, you're easy to find. The details you release here added to the details you released at several other forums might be enough for someone to make an educated guess as to how to infiltrate or attack you. The possible reasons for attacking you are as varied as the forums you frequent. Do your views step on anyone's toes? Being hacked isn't much different that street crime. The smallest things can make the wrong person mad. If you start with the assumption that all software (including security apps) is vulnerable in some way, posting your setup saves a potential attacker the time of finding out what you use, and if any known vulnerabilities exist for some part of your package. Do you support a hacking group like Anonymous or Lulzsec? Some of those they targeted might be interested in you. Have you expressed disgust with those groups methods? They might be interested. The bottom line is that you don't know just what might be a reason for someone to take an interest in you, so why make it any easier for them?
     
  20. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    I am just...Clueless in Seattle... ....or Timbuktu!....or wherever! :D
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    When I was saying that it may be a bad idea I was basically saying what noone_particular is talking about. You never know when you're going to piss off a hacker and some of them might just be willing to go after you.
     
  22. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    If someone is worried about something like that just post a phony setup,that ought to through things off.
    Personally I'm not concerned if someone knows my setup (obviously)
     
  23. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    769
    Location:
    "Here on Wilders"
    I also totally agree with sully. :)
     
  24. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I'm not super concerned. I'm ok with sharing it with other users.

    But I think that if I were subject to an attack from some hacker I'd be in better shape with them not knowing my setup.
     
  25. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    A handful of setups posted online are irrelevant compared to the very real and easy to attain stats on OS and security app usage.

    No malcoder/hacker needs to read a forum to know that XPSP3 running as admin with mcafee or symantc installed is something you need to be able to infect to have a successful campaign.